Date: Sat, 22 Jan 2011 17:30:48 +0000
From: "Thor (Hammer of God)" <thor@...merofgod.com>
To: "Valdis.Kletnieks@...edu" <Valdis.Kletnieks@...edu>, imipak
	<imipak@...il.com>
Cc: Full Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: "Hacker attacks won't hurt your company brand"

>Last I checked, TJX and Heartland were both still in business, and I don't think
>any of their security teams ended up in jail or severely unemployed(*).
>It's really hard to argue against those two data points.
>
>'Nuff said.

Why would you want to argue for those data points in the first place?  After the breach, TJX's stock immediately dumped 14% to its lowest value of the entire year.  It took ~6 months for it to stabilize around pre-breach trading.  I'm not sure what actually qualifies for a "Nuff said" closer here, but I think stock quotes are a pretty good candidate over position cycling.

But to be specific, that isn't what Sweeny said anyway.  He said hacking effect on "brand identity" not "value."   That said, if he considers a 6 month stock recovery from a 14% drop a "little dip" then I'm envious of his portfolio (and is actually a point worth making to establish his reference).  How Shostack took that to mean that breaches don't have business consequences and that a Day of Reckoning is coming for those who say it does is something I just can't see, but I think it is safe to assume that his opinion is not based on owning TJX stock.

t

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
